0

I can find a lot of tutorials on the web for setting up a reverse SSH tunnel.

 ssh -p2000 -fNC -R 10011:localhost:[email protected] 

But how can I get an SSH connection to my local server? I would like to set up a connection from the proxy (which has a public IP) to localhost (which is in my home network) through the SSH reverse tunnel. I need to type SSH commands on my localhost from anywhere.

Thanks for your help, Stefan

6
  • It looks like you have already set up the tunnel correctly. What exactly do you need help with? Commented Jun 26, 2021 at 23:51
  • On my localhost, only ports 80 and 443 are open to connect with the internet Commented Jun 27, 2021 at 0:05
  • Presumably that is why you have set up the tunnel! So what exactly do you need help with? Commented Jun 27, 2021 at 0:35
  • I get this error today: user@user:~$ ssh -f -N -T -R 2210:localhost:22 User@ip User@ip's password: user@user:~$ Warning: remote port forwarding failed for listen port 2210 connect_to locahost: unknown host (Temporary failure in name resolution) Commented Jun 27, 2021 at 9:32
  • That's a typo. It's localhost not locahost. Commented Jun 27, 2021 at 10:09

2 Answers 2

0

Without knowing about SSH reverse proxies, are you trying from another machine/the "proxy server" (?) to connect to a local/'private' hostname of 'localhost' that maps to the local/'private' 'loopback' address that resolves to (IPv4) '127.0.0.1' (or 127.x.x.x even) or (IPv6) '::1', when the loopback address 'resolves'/equates to the local machine, and possibly only if you have a "localhost" entry within your (*NIX - UNIX/Linux) '/etc/hosts' or (Windows) 'C:\Windows\System32\drivers\etc\hosts' file?

If so, you might need to target the proper 'hostname' that is mapped to a proper 'private' IP address (i.e. the one assigned to the NIC/network card) - if they are both on the same network, otherwise possibly a 'public' IP address - unless NAT (Network Address Translation - private IP to public IP conversion/replacement for outgoing & vice versa for incoming) is in place to handle this for you.

0

To summarize, you have host A (proxy.net) with a public IP and host B without a public IP. You want to enter an ssh shell on B from A.

This can be done by forwarding a free port of A to the sshd listening port on B.

To achieve this, first, if it is not already running, start sshd either by entering

sshd 

into a shell, or if you have systemd like

systemctl start sshd 

After this, set up a reverse tunnel from B to A like this:

ssh -N -R 8890:localhost:22 <a_user>@proxy.net 

The port 8890 can be exchanged with any free port on A. The port 22 is the port that the ssh daemon sshd is listening on on B. Most likely it is 22, but it could be a different port. You can find out by running

sudo netstat -lntp 

There should be a line with sshd in the Program name column. In that line, the local address column should show something like 127.0.0.1:22. The number after the : is the port your ssh daemon is listening on.

After setting up the remote ssh tunnel, you can ssh into B from A by running

ssh -p 8890 <b_user>@localhost 

In this post I have used <a_user> as a token for the user on A and <b_user> as a token for the user on B.
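The steps in the answer above, as an added shell example that is not part of the answer: it reads the sshd port from `netstat -lntp` text, builds the tunnel command, and checks on A that the forwarded port is bound to loopback only (the sshd default unless `GatewayPorts` is enabled). The function names and the netstat samples are constructed for illustration, and `ExitOnForwardFailure`, `ServerAliveInterval` and the explicit `127.0.0.1` bind are assumed additions to the answer's command.

```shell
#!/bin/sh
# Added example (not from the answer). Sample netstat text below is constructed.
SAMPLE_B='Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp   0 0 0.0.0.0:80    0.0.0.0:* LISTEN 812/nginx: master
tcp   0 0 0.0.0.0:2222  0.0.0.0:* LISTEN 644/sshd: /usr/sbin
tcp6  0 0 :::2222       :::*      LISTEN 644/sshd: /usr/sbin'
SAMPLE_A='tcp   0 0 0.0.0.0:22      0.0.0.0:* LISTEN 701/sshd: /usr/sbin
tcp   0 0 127.0.0.1:8890  0.0.0.0:* LISTEN 1201/sshd: a_user
tcp6  0 0 ::1:8890        :::*      LISTEN 1201/sshd: a_user'

# On B: print the TCP port(s) sshd listens on, from `netstat -lntp` text on stdin.
sshd_ports() {
    awk '$6 == "LISTEN" && $7 ~ /^[0-9]+\/sshd/ {
             n = split($4, a, ":"); print a[n] }' | sort -un
}

# On A: report whether port $1 is bound to "loopback" only, is "exposed" on
# another address, or is "absent" (for example, because the forward failed).
listener_scope() {
    awk -v p="$1" '$6 == "LISTEN" {
             n = split($4, a, ":"); if (a[n] != p) next
             addr = substr($4, 1, length($4) - length(a[n]) - 1)
             if (addr ~ /^127\./ || addr == "::1") lo = 1
             else ex = 1 }
         END { print (ex ? "exposed" : (lo ? "loopback" : "absent")) }'
}

# Build the command to run on B: $1 = port on A, $2 = sshd port on B, $3 = user@A.
# Assumed additions to the answer's command: explicit loopback bind on A, exit
# when the remote listener cannot be created, and a keepalive.
tunnel_cmd() {
    for p in "$1" "$2"; do
        case $p in ''|*[!0-9]*) return 2 ;; esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || return 2
    done
    printf 'ssh -N -o ExitOnForwardFailure=yes -o ServerAliveInterval=30 %s %s\n' \
        "-R 127.0.0.1:$1:localhost:$2" "$3"
}

# Demo on the constructed samples.
port=$(printf '%s\n' "$SAMPLE_B" | sshd_ports)
tunnel_cmd 8890 "$port" '<a_user>@proxy.net'
printf '%s\n' "$SAMPLE_A" | listener_scope 8890
```

With `ExitOnForwardFailure=yes`, a failed remote forward such as the "remote port forwarding failed for listen port 2210" warning in the comments makes ssh exit instead of leaving a connection without a listener.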
